<? session_start(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title></title>
</head>

<body>

	<?php
    	include "connectdb.php";
		
		if($_POST["username"]){
			$username = $_POST["username"];
			$pwd = $_POST["pwd"];
			
			$sql = "Select * from member where memusername='".$username ."' and mempwd=MD5('".$pwd ."');";
			$result = mysql_query($sql);
			$row = mysql_num_rows($result);
			
			if($row == 1){
				$dbarr = mysql_fetch_array($result);
				$_SESSION["memid"] = $dbarr["memid"];
				$_SESSION["memname"] = $dbarr["memname"];
				$_SESSION["mempwd"] = $dbarr["memsurname"];
				$_SESSION["memtype"] = $dbarr["memtype"];
				$_SESSION["memstatus"] = $dbarr["memstatus"];
			}
			else{
				?>
					<script language="javascript">
						alert("Username หรือ password ผิดค่ะ");
					</script>
				<?	
			}
		}
		else{
			?>
				<script language="javascript">
					window.location="index.php";
				</script>
			<?	
		}
		
	?>
    
    <meta http-equiv="refresh" content="0;url=index.php" />

</body>
</html>